CVE-2022-1965
8.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Summary
Multiple products of CODESYS implement a improper error handling. A low privilege remote attacker may craft a request, which is not properly processed by the error handling. In consequence, the file referenced by the request could be deleted. User interaction is not required.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| CODESYS | Runtime Toolkit | V2 < V2.4.7.57 | affected |
| CODESYS | PLCWinNT | V2 < V2.4.7.57 | affected |
Weaknesses
- CWE-755: CWE-755 Improper Handling of Exceptional Conditions
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.